Monday, August 19, 2013

Law 9 in our 10-part computer security basics series is sad but true. It rings even louder given all of the recent NSA PRISM news. Here is law 9:

Law #9: Absolute anonymity isn't practically achievable, online or offline

All human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you: In one glance, they can gauge your height, weight, and approximate age. Your accent will probably tell them what country you're from, and may even tell them what region of the country. If you talk about anything other than the weather, you'll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesn't take long for someone to collect enough information to figure out who you are. If you use any payment system other than cash or any transportation other than your own two feet, you leave a trail of data breadcrumbs that can be used to reconstruct a personally identifiable “portrait” of you with remarkable accuracy. If you crave absolute anonymity, your best bet is to live in a cave and shun all human contact.

The same thing is true of the Internet. If you visit a website, the owner can, if he's sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the Web session have to be able to find their way to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe it's the same person who owns the website you just visited! Or what about that innocuous website you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other website owners. If so, the second website owner may be able to correlate the information from the two sites and determine who you are. And anonymity is even less achievable when you factor in location data, which is gathered perpetually by mobile phones and often enough by Web sites, mapping your machine’s IP address to a real-world location with pretty decent accuracy.
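To make the correlation argument above concrete, here is an added example (not part of the original article) that measures how quickly a visitor's anonymity set shrinks as a site combines more of what it observes. The attribute names and all visitor records are constructed assumptions.

```python
from collections import Counter
from itertools import combinations

# Constructed sample: attributes a site could log per visitor. All values are
# made up; five visitors share one NAT address, as in the paragraph above.
ATTRS = ["ip", "user_agent", "timezone", "language"]
VISITS = [dict(zip(ATTRS, row)) for row in [
    ("203.0.113.7", "Firefox", "UTC-5", "en-US"),
    ("203.0.113.7", "Firefox", "UTC-5", "es-ES"),
    ("203.0.113.7", "Chrome", "UTC-5", "en-US"),
    ("203.0.113.7", "Chrome", "UTC+1", "en-US"),
    ("203.0.113.7", "Firefox", "UTC+1", "es-ES"),
    ("198.51.100.9", "Chrome", "UTC+1", "es-ES"),
]]

def key(record, attrs):
    """Project a record onto the chosen attributes."""
    return tuple(record[a] for a in attrs)

def anonymity_sets(records, attrs):
    """Map each observed value combination to the number of visitors sharing it."""
    return Counter(key(r, attrs) for r in records)

def unique_fraction(records, attrs):
    """Fraction of visitors who are alone in their anonymity set."""
    sets = anonymity_sets(records, attrs)
    return sum(sets[key(r, attrs)] == 1 for r in records) / len(records)

def smallest_identifying_sets(records, target, attrs):
    """Smallest attribute combinations under which `target` is the only match."""
    for size in range(1, len(attrs) + 1):
        hits = [c for c in combinations(attrs, size)
                if anonymity_sets(records, c)[key(target, c)] == 1]
        if hits:
            return hits
    return []

if __name__ == "__main__":
    print("behind the NAT address:", anonymity_sets(VISITS, ["ip"])[("203.0.113.7",)])
    print("unique by IP alone:", unique_fraction(VISITS, ["ip"]))
    print("unique by all attributes:", unique_fraction(VISITS, ATTRS))
    print("singles out visitor 0:", smallest_identifying_sets(VISITS, VISITS[0], ATTRS))
```

In this sample the shared NAT address hides the first visitor among five people, yet browser plus language alone already narrows the set to one, which is why masking a single attribute makes identification harder but not impossible.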

Does this mean that privacy is a lost cause? Not at all. Governments along with public and private entities continue to wrestle with how best to balance the need for personal data privacy with other concerns. What it means is that the best way for you to protect your privacy on the Internet is the same as the way you protect your privacy in normal life—through your behavior. Read the privacy statements on the websites you visit, and only do business with those whose data-sharing practices you understand and agree with. If sites you visit allow you to determine how and with whom information about you will be shared, learn how to adjust those settings and check yours regularly. If you're worried about cookies, disable them. Most importantly, remember that information shared by or about you online is only as safe as the least protective, least enforced privacy policies and settings with which it comes into contact. But if it's complete and total anonymity you want, better start looking for that cave.

If you need help with your network's security, please contact DNS today. (http://dynamicsupport.com/)

Source: http://technet.microsoft.com/en-us/library/hh278941.aspx
